Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2524

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2524
Last Modified 01 Feb 2012 11:06:16
Published 31 Aug 2011 07:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2524

Summary

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.

Vulnerable Systems

Application

  • Gnome Libsoup 2.0

  • Gnome Libsoup 2.2

  • Gnome Libsoup 2.2.0

  • Gnome Libsoup 2.2.1

  • Gnome Libsoup 2.2.100

  • Gnome Libsoup 2.2.101

  • Gnome Libsoup 2.2.102

  • Gnome Libsoup 2.2.103

  • Gnome Libsoup 2.2.104

  • Gnome Libsoup 2.2.2

  • Gnome Libsoup 2.2.3

  • Gnome Libsoup 2.2.4

  • Gnome Libsoup 2.2.5

  • Gnome Libsoup 2.2.6

  • Gnome Libsoup 2.2.6.1

  • Gnome Libsoup 2.2.7

  • Gnome Libsoup 2.2.91

  • Gnome Libsoup 2.2.92

  • Gnome Libsoup 2.2.93

  • Gnome Libsoup 2.2.94

  • Gnome Libsoup 2.2.95.1

  • Gnome Libsoup 2.2.96

  • Gnome Libsoup 2.2.97

  • Gnome Libsoup 2.2.98

  • Gnome Libsoup 2.2.99

  • Gnome Libsoup 2.23.1

  • Gnome Libsoup 2.23.6

  • Gnome Libsoup 2.23.91

  • Gnome Libsoup 2.23.92

  • Gnome Libsoup 2.24.0.1

  • Gnome Libsoup 2.24.1

  • Gnome Libsoup 2.25.2

  • Gnome Libsoup 2.25.3

  • Gnome Libsoup 2.25.4

  • Gnome Libsoup 2.25.5

  • Gnome Libsoup 2.25.91

  • Gnome Libsoup 2.26.0

  • Gnome Libsoup 2.26.1

  • Gnome Libsoup 2.27.1

  • Gnome Libsoup 2.27.2

  • Gnome Libsoup 2.27.4

  • Gnome Libsoup 2.27.5

  • Gnome Libsoup 2.27.90

  • Gnome Libsoup 2.27.91

  • Gnome Libsoup 2.27.92

  • Gnome Libsoup 2.28.0

  • Gnome Libsoup 2.28.1

  • Gnome Libsoup 2.29.3

  • Gnome Libsoup 2.29.5

  • Gnome Libsoup 2.29.6

  • Gnome Libsoup 2.29.90

  • Gnome Libsoup 2.29.91

  • Gnome Libsoup 2.3.0.1

  • Gnome Libsoup 2.3.2

  • Gnome Libsoup 2.3.4

  • Gnome Libsoup 2.30.0

  • Gnome Libsoup 2.30.1

  • Gnome Libsoup 2.31.2

  • Gnome Libsoup 2.31.6

  • Gnome Libsoup 2.31.90

  • Gnome Libsoup 2.31.92

  • Gnome Libsoup 2.32.0

  • Gnome Libsoup 2.32.1

  • Gnome Libsoup 2.32.2

  • Gnome Libsoup 2.33.4

  • Gnome Libsoup 2.33.5

  • Gnome Libsoup 2.33.6

  • Gnome Libsoup 2.33.90

  • Gnome Libsoup 2.33.92

  • Gnome Libsoup 2.34.0

  • Gnome Libsoup 2.34.1

  • Gnome Libsoup 2.35.3

  • Gnome Libsoup 2.4.0

  • Gnome Libsoup 2.4.1


References

MISC - https://bugzilla.gnome.org/show_bug.cgi?id=653258

UBUNTU - USN-1181-1

SECTRACK - 1025864

REDHAT - RHSA-2011:1102

FEDORA - FEDORA-2011-9763

CONFIRM - http://git.gnome.org/browse/libsoup/tree/NEWS

DEBIAN - DSA-2369

SECUNIA - 47299

Related Patches

Novell SUSE 2011:4945 libsoup security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:58:04